Home > Archive > LDAP > April 2005 > Applying filters on LDIF entries
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
Applying filters on LDIF entries
|
|
| Gautam Gopalakrishnan 2005-04-22, 4:05 pm |
| Hi,
I would like to know if I can apply a Net::LDAP::Filter object
to a Net::LDAP::Entry object and see if it succeeds. I can see
no documentation that it is, so would like confirmation.=20
Basically my aim is to search a huge ldif dump when possible,
rather than hit the directory everytime.
Thanks
Gautam
| |
| Peter Marschall 2005-04-22, 4:05 pm |
| Hi,
On Friday 22 April 2005 15:48, Gautam Gopalakrishnan wrote:
> I would like to know if I can apply a Net::LDAP::Filter object
> to a Net::LDAP::Entry object and see if it succeeds. I can see
> no documentation that it is, so would like confirmation.
AFAIK there is no such possibility.
The ability to search for objects is part of the features thet an LDAP server
provides.
> Basically my aim is to search a huge ldif dump when possible,
> rather than hit the directory everytime.
Why ?
That's what LDAP srvers are for.
Peter
--
Peter Marschall
eMail: peter@adpm.de
| |
| Gautam Gopalakrishnan 2005-04-22, 4:05 pm |
| On 4/23/05, Peter Marschall <peter@adpm.de> wrote:
> On Friday 22 April 2005 15:48, Gautam Gopalakrishnan wrote:
> Why ?
> That's what LDAP srvers are for.
Some attributes don't change values very often and sometime you don't
need the latest information? Maybe it's just me, but I thought this
would be useful. I've started coding it, just for the challenge.
Cheers
Gautam
| |
| Peter Marschall 2005-04-22, 4:05 pm |
| Hi,
On Friday 22 April 2005 17:35, Gautam Gopalakrishnan wrote:
> Some attributes don't change values very often and sometime you don't
> need the latest information? Maybe it's just me, but I thought this
> would be useful. I've started coding it, just for the challenge.
You may use ldifgrep (http://sourceforge.net/projects/ldifgrep).
It's a perl script that greps the entries from an LDIF file where
the arguments matches an attribute's value
The problem for applying filters on LDIF entries is that you do not
know about the syntaxes of the attributes and thus do not know
how to compare the values.
An extreme example is certificateMatch as it is implemented in OpenLDAP 2.2:
A filter like
(userCertificate=2$EMAIL=joe@example.com,CN=John Doe,O=Example\5C,Ltd.,C=US)
finds objects that have the userCertificate attribute filled with a X.509
certificate with serial number 2 and the subject DN (in the X.509 notation)
/C=US/O=Example\5C,Ltd./CN=John Doe/EMAIL=joe@example.com
Trying to do things like that on LDIF files is quite hard IMHO (and one of the
major steps towards an LDAP server in Perl ;-)
Have fun
Peter
--
Peter Marschall
eMail: peter@adpm.de
| |
| Gautam Gopalakrishnan 2005-04-23, 8:58 am |
| On 4/23/05, Peter Marschall <peter@adpm.de> wrote:
> On Friday 22 April 2005 17:35, Gautam Gopalakrishnan wrote:
>=20
> You may use ldifgrep (http://sourceforge.net/projects/ldifgrep).
> It's a perl script that greps the entries from an LDIF file where
> the arguments matches an attribute's value
Not good enough :-(
> The problem for applying filters on LDIF entries is that you do not
> know about the syntaxes of the attributes and thus do not know
> how to compare the values.
I'm just using Net::LDAP::LDIF to usurp entries. I have some sample
code which works. Net::LDAP::Filter also eliminates most of the work
involved. Currently it implements just the operations I use at work
(and, or, exists and substrings). The code is slow mainly because
Net::LDAP::LDIF is slow. Parsing about 116000 entries takes about
20 minutes, of which 72% is spent inside Net::LDAP::LDIF. But it works.
http://www-personal.monash.edu.au/~...fsearch.pl.html
> Have fun
I am :-) Any kind of feedback is welcome.
Cheers
Gautam
|
|
|
|
|